Warning: Permanently added '10.128.0.118' (ED25519) to the list of known hosts.
executing program
[ 34.423318][ T6940] ==================================================================
[ 34.425623][ T6940] BUG: KASAN: slab-use-after-free in __up_read+0xb4/0x5f8
[ 34.427542][ T6940] Read of size 8 at addr ffff0000d9b71868 by task syz-executor131/6940
[ 34.429829][ T6940]
[ 34.430449][ T6940] CPU: 1 PID: 6940 Comm: syz-executor131 Not tainted 6.6.0-rc7-syzkaller-g8de1e7afcc1c #0
[ 34.433092][ T6940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023
[ 34.435716][ T6940] Call trace:
[ 34.436532][ T6940] dump_backtrace+0x1b8/0x1e4
[ 34.437796][ T6940] show_stack+0x2c/0x44
[ 34.438925][ T6940] dump_stack_lvl+0xd0/0x124
[ 34.440297][ T6940] print_report+0x174/0x514
[ 34.441507][ T6940] kasan_report+0xd8/0x138
[ 34.442726][ T6940] __asan_report_load8_noabort+0x20/0x2c
[ 34.444243][ T6940] __up_read+0xb4/0x5f8
[ 34.445383][ T6940] up_read+0x2c/0x3c
[ 34.446409][ T6940] iommufd_vfio_ioas+0x2a8/0x5b4
[ 34.447745][ T6940] iommufd_fops_ioctl+0x590/0x6d8
[ 34.449137][ T6940] __arm64_sys_ioctl+0x14c/0x1c8
[ 34.450437][ T6940] invoke_syscall+0x98/0x2b8
[ 34.451722][ T6940] el0_svc_common+0x130/0x23c
[ 34.452927][ T6940] do_el0_svc+0x48/0x58
[ 34.454069][ T6940] el0_svc+0x54/0x158
[ 34.455097][ T6940] el0t_64_sync_handler+0x84/0xfc
[ 34.456477][ T6940] el0t_64_sync+0x190/0x194
[ 34.457702][ T6940]
[ 34.458294][ T6940] Allocated by task 6940:
[ 34.459435][ T6940] kasan_set_track+0x4c/0x7c
[ 34.460643][ T6940] kasan_save_alloc_info+0x24/0x30
[ 34.461920][ T6940] __kasan_kmalloc+0xac/0xc4
[ 34.463102][ T6940] __kmalloc+0xcc/0x1b8
[ 34.464250][ T6940] _iommufd_object_alloc+0x3c/0x1c4
[ 34.465655][ T6940] iommufd_ioas_alloc_ioctl+0xa8/0x1fc
[ 34.467116][ T6940] iommufd_fops_ioctl+0x590/0x6d8
[ 34.468402][ T6940] __arm64_sys_ioctl+0x14c/0x1c8
[ 34.469716][ T6940] invoke_syscall+0x98/0x2b8
[ 34.470899][ T6940] el0_svc_common+0x130/0x23c
[ 34.472169][ T6940] do_el0_svc+0x48/0x58
[ 34.473284][ T6940] el0_svc+0x54/0x158
[ 34.474335][ T6940] el0t_64_sync_handler+0x84/0xfc
[ 34.475641][ T6940] el0t_64_sync+0x190/0x194
[ 34.476774][ T6940]
[ 34.477370][ T6940] Freed by task 6946:
[ 34.478416][ T6940] kasan_set_track+0x4c/0x7c
[ 34.479621][ T6940] kasan_save_free_info+0x38/0x5c
[ 34.481026][ T6940] ____kasan_slab_free+0x144/0x1c0
[ 34.482378][ T6940] __kasan_slab_free+0x18/0x28
[ 34.483675][ T6940] __kmem_cache_free+0x2ac/0x480
[ 34.484959][ T6940] kfree+0xb8/0x19c
[ 34.485939][ T6940] iommufd_destroy+0x298/0x2dc
[ 34.487187][ T6940] iommufd_fops_ioctl+0x590/0x6d8
[ 34.488474][ T6940] __arm64_sys_ioctl+0x14c/0x1c8
[ 34.489766][ T6940] invoke_syscall+0x98/0x2b8
[ 34.490964][ T6940] el0_svc_common+0x130/0x23c
[ 34.492149][ T6940] do_el0_svc+0x48/0x58
[ 34.493225][ T6940] el0_svc+0x54/0x158
[ 34.494252][ T6940] el0t_64_sync_handler+0x84/0xfc
[ 34.495588][ T6940] el0t_64_sync+0x190/0x194
[ 34.496816][ T6940]
[ 34.497437][ T6940] The buggy address belongs to the object at ffff0000d9b71800
[ 34.497437][ T6940] which belongs to the cache kmalloc-cg-1k of size 1024
[ 34.501254][ T6940] The buggy address is located 104 bytes inside of
[ 34.501254][ T6940] freed 1024-byte region [ffff0000d9b71800, ffff0000d9b71c00)
[ 34.504799][ T6940]
[ 34.505375][ T6940] The buggy address belongs to the physical page:
[ 34.507082][ T6940] page:00000000de21d4e7 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff0000d9b77800 pfn:0x119b70
[ 34.510152][ T6940] head:00000000de21d4e7 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 34.512418][ T6940] ksm flags: 0x5ffc00000000840(slab|head|node=0|zone=2|lastcpupid=0x7ff)
[ 34.514623][ T6940] page_type: 0xffffffff()
[ 34.515712][ T6940] raw: 05ffc00000000840 ffff0000c000f280 fffffc000334c600 0000000000000003
[ 34.517936][ T6940] raw: ffff0000d9b77800 0000000080100009 00000001ffffffff 0000000000000000
[ 34.520203][ T6940] page dumped because: kasan: bad access detected
[ 34.521970][ T6940]
[ 34.522565][ T6940] Memory state around the buggy address:
[ 34.524063][ T6940]  ffff0000d9b71700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 34.526179][ T6940]  ffff0000d9b71780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 34.528281][ T6940] >ffff0000d9b71800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 34.530432][ T6940]                                                           ^
[ 34.532369][ T6940]  ffff0000d9b71880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 34.534498][ T6940]  ffff0000d9b71900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 34.536592][ T6940] ==================================================================
[ 34.564363][ T6940] Disabling lock debugging due to kernel taint
[ 34.567128][ T6940] ------------[ cut here ]------------
[ 34.568641][ T6940] DEBUG_RWSEMS_WARN_ON(!is_rwsem_reader_owned(sem)): count = 0xffff0000c53f0dc0, magic = 0xffff0000d9b71800, owner = 0x4ac029100001b22, curr 0xffff0000d6b0b780, list empty
[ 34.582722][ T6940] WARNING: CPU: 1 PID: 6940 at kernel/locking/rwsem.c:1343 __up_read+0x554/0x5f8
[ 34.585244][ T6940] Modules linked in:
[ 34.586293][ T6940] CPU: 1 PID: 6940 Comm: syz-executor131 Tainted: G B 6.6.0-rc7-syzkaller-g8de1e7afcc1c #0
[ 34.589288][ T6940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023
[ 34.591975][ T6940] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 34.594071][ T6940] pc : __up_read+0x554/0x5f8
[ 34.595228][ T6940] lr : __up_read+0x554/0x5f8
[ 34.596433][ T6940] sp : ffff800097e37a40
[ 34.597542][ T6940] x29: ffff800097e37ad0 x28: 1ffff00011c680bc x27: ffff80008e340000
[ 34.599637][ T6940] x26: dfff800000000000 x25: ffff0000c53f0dc0 x24: ffff0000d9b71858
[ 34.601738][ T6940] x23: ffff0000d6b0b780 x22: ffff800097e37a60 x21: 04ac029100001b22
[ 34.603813][ T6940] x20: ffff0000d9b71800 x19: ffff0000d9b71800 x18: 1fffe000368333ce
[ 34.605974][ T6940] x17: ffff80008e33d000 x16: ffff80008a719c70 x15: 0000000000000001
[ 34.608139][ T6940] x14: 1ffff00011d6df13 x13: 0000000000000000 x12: 0000000000000000
[ 34.610309][ T6940] x11: 0000000000000001 x10: 0000000000000000 x9 : 936c9d0d4b89bb00
[ 34.612466][ T6940] x8 : 936c9d0d4b89bb00 x7 : ffff80008005f20c x6 : ffff80008005f408
[ 34.614651][ T6940] x5 : ffff0000d549cd18 x4 : ffff800097e373c0 x3 : 0000000000000000
[ 34.616842][ T6940] x2 : ffff0000d6b0b780 x1 : 0000000000000000 x0 : ffff8000803b32ac
[ 34.619046][ T6940] Call trace:
[ 34.619892][ T6940] __up_read+0x554/0x5f8
[ 34.621055][ T6940] up_read+0x2c/0x3c
[ 34.622116][ T6940] iommufd_vfio_ioas+0x2a8/0x5b4
[ 34.623509][ T6940] iommufd_fops_ioctl+0x590/0x6d8
[ 34.624874][ T6940] __arm64_sys_ioctl+0x14c/0x1c8
[ 34.626216][ T6940] invoke_syscall+0x98/0x2b8
[ 34.627488][ T6940] el0_svc_common+0x130/0x23c
[ 34.628754][ T6940] do_el0_svc+0x48/0x58
[ 34.629825][ T6940] el0_svc+0x54/0x158
[ 34.630865][ T6940] el0t_64_sync_handler+0x84/0xfc
[ 34.632171][ T6940] el0t_64_sync+0x190/0x194
[ 34.633324][ T6940] irq event stamp: 2049
[ 34.634395][ T6940] hardirqs last enabled at (2049): [] call_rcu+0x63c/0xaf4
[ 34.636688][ T6940] hardirqs last disabled at (2048): [] call_rcu+0x114/0xaf4
[ 34.639001][ T6940] softirqs last enabled at (1186): [] local_bh_enable+0x10/0x34
[ 34.641392][ T6940] softirqs last disabled at (1184): [] local_bh_disable+0x10/0x34
[ 34.643908][ T6940] ---[ end trace 0000000000000000 ]---
[ 34.651112][ T6940] ------------[ cut here ]------------
[ 34.652675][ T6940] DEBUG_RWSEMS_WARN_ON(tmp < 0): count = 0xffff0000c53f0cc0, magic = 0xffff0000d9b71800, owner = 0x4ac029100001b22, curr 0xffff0000d6b0b780, list empty
[ 34.656763][ T6940] WARNING: CPU: 1 PID: 6940 at kernel/locking/rwsem.c:1348 __up_read+0x3bc/0x5f8
[ 34.659143][ T6940] Modules linked in:
[ 34.660134][ T6940] CPU: 1 PID: 6940 Comm: syz-executor131 Tainted: G B W 6.6.0-rc7-syzkaller-g8de1e7afcc1c #0
[ 34.663003][ T6940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023
[ 34.665687][ T6940] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 34.667799][ T6940] pc : __up_read+0x3bc/0x5f8
[ 34.669001][ T6940] lr : __up_read+0x3bc/0x5f8
[ 34.670228][ T6940] sp : ffff800097e37a40
[ 34.671346][ T6940] x29: ffff800097e37ad0 x28: 1ffff00011c680bc x27: ffff80008e340000
[ 34.673476][ T6940] x26: dfff800000000000 x25: ffff0000c53f0cc0 x24: ffff0000d9b71858
[ 34.675548][ T6940] x23: ffff0000d9b71800 x22: ffff0000c53f0cc0 x21: 04ac029100001b22
[ 34.677647][ T6940] x20: ffff0000d6b0b780 x19: ffff0000d9b71800 x18: 1fffe000368333ce
[ 34.679818][ T6940] x17: 0000000000000000 x16: ffff80008a668900 x15: 0000000000000001
[ 34.682020][ T6940] x14: 1ffff00012fc6e64 x13: 0000000000000000 x12: 0000000000000000
[ 34.684089][ T6940] x11: 0000000000000001 x10: 0000000000000000 x9 : 936c9d0d4b89bb00
[ 34.686288][ T6940] x8 : 936c9d0d4b89bb00 x7 : 0000000000000001 x6 : 0000000000000001
[ 34.688454][ T6940] x5 : ffff800097e37338 x4 : ffff80008e4210a0 x3 : ffff8000803639bc
[ 34.690578][ T6940] x2 : 0000000000000001 x1 : 0000000000000001 x0 : 0000000000000000
[ 34.692685][ T6940] Call trace:
[ 34.693526][ T6940] __up_read+0x3bc/0x5f8
[ 34.694605][ T6940] up_read+0x2c/0x3c
[ 34.695601][ T6940] iommufd_vfio_ioas+0x2a8/0x5b4
[ 34.696930][ T6940] iommufd_fops_ioctl+0x590/0x6d8
[ 34.698281][ T6940] __arm64_sys_ioctl+0x14c/0x1c8
[ 34.699577][ T6940] invoke_syscall+0x98/0x2b8
[ 34.700808][ T6940] el0_svc_common+0x130/0x23c
[ 34.702064][ T6940] do_el0_svc+0x48/0x58
[ 34.703149][ T6940] el0_svc+0x54/0x158
[ 34.704171][ T6940] el0t_64_sync_handler+0x84/0xfc
[ 34.705458][ T6940] el0t_64_sync+0x190/0x194
[ 34.706709][ T6940] irq event stamp: 2049
[ 34.707790][ T6940] hardirqs last enabled at (2049): [] call_rcu+0x63c/0xaf4
[ 34.710147][ T6940] hardirqs last disabled at (2048): [] call_rcu+0x114/0xaf4
[ 34.712480][ T6940] softirqs last enabled at (1186): [] local_bh_enable+0x10/0x34
[ 34.714938][ T6940] softirqs last disabled at (1184): [] local_bh_disable+0x10/0x34
[ 34.717361][ T6940] ---[ end trace 0000000000000000 ]---
[ 35.508454][ T7954] ------------[ cut here ]------------
[ 35.510047][ T7954] virt_to_phys used for non-linear address: 000000009b75b892 (0x200)
[ 35.516553][ T7954] WARNING: CPU: 0 PID: 7954 at arch/arm64/mm/physaddr.c:15 __virt_to_phys+0x84/0x9c
[ 35.519117][ T7954] Modules linked in:
[ 35.520183][ T7954] CPU: 0 PID: 7954 Comm: syz-executor131 Tainted: G B W 6.6.0-rc7-syzkaller-g8de1e7afcc1c #0
[ 35.523183][ T7954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023
[ 35.525951][ T7954] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 35.528083][ T7954] pc : __virt_to_phys+0x84/0x9c
[ 35.529401][ T7954] lr : __virt_to_phys+0x80/0x9c
[ 35.530766][ T7954] sp : ffff8000995a7740
[ 35.531897][ T7954] x29: ffff8000995a7740 x28: 0000000000000001 x27: ffff8000995a78b0
[ 35.534133][ T7954] x26: 0000000000000001 x25: 0000000000001000 x24: 0000000000040000
[ 35.536285][ T7954] x23: fffffc0000000000 x22: ffff80008dd08000 x21: 0000000000000200
[ 35.538505][ T7954] x20: 0001000000000200 x19: 0000000000000200 x18: 1fffe0003682efce
[ 35.540684][ T7954] x17: ffff80008e33d000 x16: ffff80008a719c70 x15: 0000000000000001
[ 35.542876][ T7954] x14: 1fffe000368317a8 x13: 0000000000000000 x12: 0000000000000000
[ 35.545068][ T7954] x11: 0000000000000001 x10: 0000000000000000 x9 : d62a4ca07f514c00
[ 35.547281][ T7954] x8 : ffff80008dd08000 x7 : 1fffe0003682efcf x6 : ffff80008028e628
[ 35.549461][ T7954] x5 : 0000000000000000 x4 : 0000000000000001 x3 : 0000000000000000
[ 35.551672][ T7954] x2 : ffff0000d3a9d340 x1 : 0000000000000000 x0 : ffff80008028e6c8
[ 35.553950][ T7954] Call trace:
[ 35.554886][ T7954] __virt_to_phys+0x84/0x9c
[ 35.556185][ T7954] qlist_free_all+0x60/0xcc
[ 35.557412][ T7954] kasan_quarantine_reduce+0x118/0x124
[ 35.558899][ T7954] __kasan_slab_alloc+0x2c/0x8c
[ 35.560174][ T7954] slab_post_alloc_hook+0x90/0x4a0
[ 35.561536][ T7954] __kmem_cache_alloc_node+0x278/0x37c
[ 35.563019][ T7954] __kmalloc+0xb8/0x1b8
[ 35.564133][ T7954] tomoyo_realpath_from_path+0xc8/0x4cc
[ 35.565689][ T7954] tomoyo_path_number_perm+0x1ec/0x6a8
[ 35.567192][ T7954] tomoyo_file_ioctl+0x2c/0x3c
[ 35.568451][ T7954] security_file_ioctl+0x80/0xbc
[ 35.569819][ T7954] __arm64_sys_ioctl+0xa8/0x1c8
[ 35.571174][ T7954] invoke_syscall+0x98/0x2b8
[ 35.572434][ T7954] el0_svc_common+0x130/0x23c
[ 35.573721][ T7954] do_el0_svc+0x48/0x58
[ 35.574798][ T7954] el0_svc+0x54/0x158
[ 35.575876][ T7954] el0t_64_sync_handler+0x84/0xfc
[ 35.577212][ T7954] el0t_64_sync+0x190/0x194
[ 35.578438][ T7954] irq event stamp: 0
[ 35.579503][ T7954] hardirqs last enabled at (0): [<0000000000000000>] 0x0
[ 35.581449][ T7954] hardirqs last disabled at (0): [] copy_process+0x1318/0x34b8
[ 35.583985][ T7954] softirqs last enabled at (0): [] copy_process+0x1340/0x34b8
[ 35.586435][ T7954] softirqs last disabled at (0): [<0000000000000000>] 0x0
[ 35.588333][ T7954] ---[ end trace 0000000000000000 ]---
[ 35.599305][ T7954] Unable to handle kernel paging request at virtual address fffffe0003860008
[ 35.607074][ T7954] KASAN: maybe wild-memory-access in range [0x0003f0001c300040-0x0003f0001c300047]
[ 35.612028][ T7954] Mem abort info:
[ 35.614446][ T7954] ESR = 0x0000000096000004
[ 35.620496][ T7954] EC = 0x25: DABT (current EL), IL = 32 bits
[ 35.622372][ T7954] SET = 0, FnV = 0
[ 35.623584][ T7954] EA = 0, S1PTW = 0
[ 35.624939][ T7954] FSC = 0x04: level 0 translation fault
[ 35.627620][ T7954] Data abort info:
[ 35.631656][ T7954] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000
[ 35.637183][ T7954] CM = 0, WnR = 0, TnD = 0, TagAccess = 0
[ 35.640055][ T7954] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0
[ 35.645498][ T7954] swapper pgtable: 4k pages, 48-bit VAs, pgdp=00000001af6a1000
[ 35.654729][ T7954] [fffffe0003860008] pgd=0000000000000000, p4d=0000000000000000
[ 35.661454][ T7954] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP
[ 35.663533][ T7954] Modules linked in:
[ 35.664643][ T7954] CPU: 0 PID: 7954 Comm: syz-executor131 Tainted: G B W 6.6.0-rc7-syzkaller-g8de1e7afcc1c #0
[ 35.667738][ T7954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023
[ 35.670415][ T7954] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[ 35.672529][ T7954] pc : qlist_free_all+0x70/0xcc
[ 35.673934][ T7954] lr : qlist_free_all+0x60/0xcc
[ 35.675259][ T7954] sp : ffff8000995a7760
[ 35.676405][ T7954] x29: ffff8000995a7760 x28: 0000000000000001 x27: ffff8000995a78b0
[ 35.678568][ T7954] x26: 0000000000000001 x25: 0000000000001000 x24: 0000000000040000
[ 35.680719][ T7954] x23: fffffc0000000000 x22: ffff80008dd08000 x21: 0000000000000200
[ 35.682943][ T7954] x20: 0000000000000000 x19: ffff8000995a77a0 x18: 1fffe0003682efce
[ 35.685066][ T7954] x17: ffff80008e33d000 x16: ffff80008a719c70 x15: 0000000000000001
[ 35.687239][ T7954] x14: 1fffe000368317a8 x13: 0000000000000000 x12: 0000000000000000
[ 35.689354][ T7954] x11: 0000000000000001 x10: 0000000000000000 x9 : d62a4ca07f514c00
[ 35.691596][ T7954] x8 : fffffe0003860000 x7 : 1fffe0003682efcf x6 : ffff80008028e628
[ 35.693872][ T7954] x5 : 0000000000000000 x4 : 0000000000000001 x3 : 0000000000000000
[ 35.695974][ T7954] x2 : ffff0000d3a9d340 x1 : 0000000000000000 x0 : 0000800121800200
[ 35.698129][ T7954] Call trace:
[ 35.698991][ T7954] qlist_free_all+0x70/0xcc
[ 35.700254][ T7954] kasan_quarantine_reduce+0x118/0x124
[ 35.701795][ T7954] __kasan_slab_alloc+0x2c/0x8c
[ 35.703092][ T7954] slab_post_alloc_hook+0x90/0x4a0
[ 35.704468][ T7954] __kmem_cache_alloc_node+0x278/0x37c
[ 35.705958][ T7954] __kmalloc+0xb8/0x1b8
[ 35.707071][ T7954] tomoyo_realpath_from_path+0xc8/0x4cc
[ 35.708561][ T7954] tomoyo_path_number_perm+0x1ec/0x6a8
[ 35.709988][ T7954] tomoyo_file_ioctl+0x2c/0x3c
[ 35.711219][ T7954] security_file_ioctl+0x80/0xbc
[ 35.712507][ T7954] __arm64_sys_ioctl+0xa8/0x1c8
[ 35.713824][ T7954] invoke_syscall+0x98/0x2b8
[ 35.715025][ T7954] el0_svc_common+0x130/0x23c
[ 35.716240][ T7954] do_el0_svc+0x48/0x58
[ 35.717326][ T7954] el0_svc+0x54/0x158
[ 35.718384][ T7954] el0t_64_sync_handler+0x84/0xfc
[ 35.719765][ T7954] el0t_64_sync+0x190/0x194
[ 35.720944][ T7954] Code: d346fc08 927acd08 cb181908 8b170108 (f9400509)
[ 35.722773][ T7954] ---[ end trace 0000000000000000 ]---
[ 36.045468][ T7954] Kernel panic - not syncing: Oops: Fatal exception
[ 36.047316][ T7954] SMP: stopping secondary CPUs
[ 36.048654][ T7954] Kernel Offset: disabled
[ 36.049817][ T7954] CPU features: 0x0,00000020,70020046,21017203
[ 36.051480][ T7954] Memory Limit: none
[ 36.379006][ T7954] Rebooting in 86400 seconds..